15

I've just installed an SSL certificate for our domain, and now when I try to browse to the site using https I get a connection reset error in FF and chrome both locally and from a client. I can still access the site without SSL (using http).

If it makes any difference I have another SSL certificate installed for a different website, but it is bound to a different IP.

We are running IIS7 on Win2K8

EDIT: For the site that is not working with https: I cannot access this site via it's IP address either. The only way I can access it is by regular http and using the domain name.

James Hay
  • 481
  • 1
  • 3
  • 10
  • How are your bindings configured? – Shane Madden Oct 07 '11 at 04:10
  • Well I have my first site (whose SSL certificate works) bound to https, 443 with my first IP, and I have also http, mydomainname, my first IP port 80. My second website is the same, substituting my first IP for my second, and mydomainname for myotherdomainname. – James Hay Oct 09 '11 at 20:44
  • I am confused. Are both sites using the same ip and port number in their bindings? – mahnsc Oct 09 '11 at 20:54
  • No, both sites are using different IP's. Each site has 2 bindings, one for http on port 80 and one for https on port 443, but the bindings are using different IP's on both sites. – James Hay Oct 09 '11 at 21:00
  • Yeah and it's great that the http port wouldn't work again so the only evidence it's the SSL is that I just set it. Not sure why SSL will bring down the http as well. – Pavel Donchev May 25 '15 at 19:21

4 Answers4

20

Oh god embarrasing. So it turns out that I had set the correct SSL binding but in the binding I had actually forgotten to select the certificate that I had installed. So it was just sitting there as not selected. This was causing a whole bunch of chaos but now my ports all appear open and I can browse the site via IP and domain name.

James Hay
  • 481
  • 1
  • 3
  • 10
  • 1
    I did the same thing, couldn't figure it out! Thanks for posting. – Stuntbeaver Apr 21 '12 at 19:16
  • This also happens if you get an error message when you first add the binding, but the binding is added nevertheless. [This](http://stackoverflow.com/questions/14953132/iis-7-error-a-specified-logon-session-does-not-exist-it-may-already-have-been/19451777) is the error message I got when I was adding the binding. – RomanSt Oct 18 '13 at 14:11
  • I did the same thing. I think IIS doesn't save the first time around... – Riaan Oct 01 '15 at 09:30
  • Happened to me as well after importing an SSL cert and trying to bind it. Turns out, when importing the cert, it *has* to have the private key marked as exportable or else it won't bind in IIS. – blizz Apr 19 '16 at 22:10
  • 2
    I had the same thing, caused by an old IP address in the bindings after moving the server to a different network – davidpricedev Jul 14 '16 at 20:13
  • This happened to me as well after installing VS2017. The binding's certificate got unselected and I had to select it again manually. – Impworks Mar 22 '17 at 11:17
1

I had something similar issue with a selfSSL.exe created one.

NOT WORKING

SelfSSL.exe /T /n:CN=DEVExchange2k2,CN=DEVExchange2k,CN=*.devad002.tsosolutions.com,CN=*.tsodev.com /V:3650

WORKING

SelfSSL.exe /T /n:CN=DEVExchange2k,CN=*.devad002.tsosolutions.com,CN=*.tsodev.com /V:3650

Guess the CN has a max length I reached. just fyi

Tilo
  • 134
  • 1
  • 11
  • today you should avoid SelfSSL.exe and use Powershell. `get-help New-SelfSignedCertificate` (usable since PS5) – Tilo Apr 22 '20 at 16:21
0

Sometimes the use of SelfSSL.exe will lead to this problem, try to re-run the command selfssl.exe /N:CN=localhost /K:1024 /V:365 /S:{your site id} /P:443

Slipeer
  • 3,295
  • 2
  • 21
  • 33
zhuiyin shen
  • 1
0

On localhost I had to change the binding from my local ip address to "All Unassigned" and the error went away.

paul-2011
  • 165
  • 1
  • 6